CakePHP Italia

La comunità italiana di CakePHP

CakePHP 3.2.9 released

The CakePHP core team is happy to announce the immediate availability of CakePHP 3.2.9. This is a maintenance release for the 3.2 branch that fixes several community reported issues and adds a few minor features.

Bugfixes

You can expect the following changes in 3.2.9. See the changelog for every commit.

  • 'chef' is now pluralized correctly. (@ADmad)
  • Valiation::notBlank() now accepts '0'. (@dereuromark)
  • CookieComponent now correctly uses the encryption key configured on specific top-level keys. (@jorisvaesen)
  • SQLite schema generation now handles DEFAULT 'NULL' correctly. (@chinpei25)
  • CacheEngineFileEngine uses less memory when writing cache data. (@psaintjust)
  • EntityContext no longer modifies query objects. (@lorenzo)
  • Session::renew() no longer triggers errors when object destruction fails. (@lorenzo)
  • The ExistsIn rule now correctly applies on new entities that don't have the required columns set. (@raul338)
  • View classes set with viewBuilder() now take precedence over those defined with the deprecated viewClass property. (@markstory)
  • CompletionShell now correctly lists all subcommand names. (@markstory)
  • Bound parameters in eagerly loaded associations via the subquery strategy now work correctly. (@greew)
  • The IsUnique rule no longer emits field = NULL when properties are null. Instead it emits IS NULL. (@markstory)
  • Hash::merge() no longer emits an error when merging more than 2 arrays, containing mixed string/array values. (@markstory)
  • FormHelper::input() now forwards additional options to error() allowing you to turn of HTML escaping if you so wish. (@pperejon)

Minor Enhancements

  • Cache::clearAll() was added. This method lets you clear all data from all configured cache engines. (@mirkopagliai)
  • The ValidCount rule was added. This rule lets you ensure associations have the required number of associated values more easily. (@burzum)
  • BaseAuth now passes the 'username' to custom finders. (@phillaf)
  • Validator::hasAtLeast() and Validator::hasAtMost() were added. (@lorenzo)
  • Folder::read() now supports ordering files by modified time, or name. (@Tzaoh)
  • New mastercard numbers are now accepted by Validation::luhn (@psaintjust)
  • Date::setDefaultLocale() and Time::setDefaultLocale() were added. These methods replace direct access to the $defaultLocale property. (@markstory)
  • Named route mismatches now have better error messages. (@markstory)

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests.

Continua a leggere

CakePHP 2.8.4 Released

The CakePHP core team is happy to announce the immediate availability of CakePHP 2.8.4. This is a maintenance release for the 2.8 branch that fixes several community reported issues.

Bugfixes

You can expect the following changes in 2.8.4. See the changelog for every commit.

  • FormHelper::postLink() now correctly generates SecurityComponent field hashes when used within another form. (@MarkusBauer)
  • Validation::phone() now accepts 'N11' exchanges for North American phone numbers. (@markstory)
  • The Equifax Secure Certificate Authority root certificate was re-added. This fixes several issues with the certificate bundle update in 2.8.3. (@markstory)
  • BlowfishPasswordHasher now generates a random salt when comparing to a hashed password of ''. This prevents incorrect password matching on empty values. (@markstory)
  • FixtureTask honours the --records and --schema options when creating a fixture in a non-interactive fashion. (@markstory)
  • Several missing European locales were added (@bancer)
  • HTTP Range header parsing is more resilient (@markstory)
  • A regression introduced in 2.8.0 in FormHelper when handling the deprecated action option has been fixed. (@markstory)

Minor Features

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests.

Continua a leggere

CakePHP 3.2.7 released

The CakePHP core team is happy to announce the immediate availability of CakePHP 3.2.7. This is a maintenance release for the 3.2 branch that fixes several community reported issues and adds a few minor features.

Bugfixes

You can expect the following changes in 3.2.7. See the changelog for every commit.

  • Connection drivers now support short classname references. (@ndm2)
  • Exception types raised by SecurityComponent have been updated to match the documented values. (@justinyost)
  • FormHelper postLink elements generated inside an open form now work as expected. (@markstory)
  • Schema reflection in MySQL now preserves TEXT & BLOB column lengths. (@HavokInspiration)
  • The bundled Certificate Authority file was updated using the latest Mozilla Certificate bundle. (@markstory)
  • Empty JSON values can be read by HttpClient. (@ADmad)

Minor Enhancements

  • Text::slug() was added. This method leverages the intl extension, and will replace Inflector::slug() which is now deprecated. (@ADmad)
  • Text::transliterate() was added. This method allows unicode strings to be transliterated into ASCII using the intl extension. (@ADmad)
  • Support for TINYTEXT, MEDIUMTEXT and LONGTEXT was added. These types are compatible with all core drivers. (@HavokInspiration)
  • Support for TINYBLOB, MEDIUMBLOG and LONGBLOB was added. These types are compatible with all core drivers. (@HavokInspiration)

CakeFest Tickets Available Now

Tickets are now available for CakeFest 2016. Join us in Amsterdam for 2 days of workshops followed by 2 days of talk from community members and renowned PHP developers.

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests.

Continua a leggere

CakePHP 3.1.13 released

The CakePHP core team is happy to announce the immediate availability of CakePHP 3.1.13. This release contains security fixes.

Security Fixes

These releases fix a weakness in Validation::uploadedFile() where file inputs could be manipulated to accept existing files on the server. This could potentially lead to an attacker being able to access sensitive system files. If you are using Validation::uploadedFile() and not checking mime-types or ensuring that the file was in-fact an uploaded file, you should upgrade. We'd like to thank Kurita Takashi for reporting this issue.

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests.

Continua a leggere

CakePHP 3.2.6 released

The CakePHP core team is happy to announce the immediate availability of CakePHP 3.2.6. This release contains security
fixes and bugfixes.

Security Fixes

These releases fix a weakness in Validation::uploadedFile() where file inputs could be manipulated to accept existing files on the server. This could potentially lead to an attacker being able to access sensitive system files. If you are using Validation::uploadedFile() and not checking mime-types or ensuring that the file was in-fact an uploaded file, you should upgrade. We'd like to thank Kurita Takashi for reporting this issue.

Bugfixes in 3.2.6

  • Improved API documentation (@Sethathi, @thinkingmedia)
  • Queries generated by the marshaller now correctly alias primary key columns. (@markstory)
  • Complex conditions in BelongsToMany associations now work correctly. (@markstory)
  • Select box widgets for boolean values now generate correctly. false is now treated as equivalent to 0. (@markstory)
  • HttpClient now supports ssl_verify_peer_name option correctly now. (@curtisgibby)
  • CakePHP can now be used from within a phar file. (@lorenzo)
  • Bound parameters in sub-queries now propagate to their parent query. (@markstory)
  • A regression in the Postgres schema reflection code has been corrected. (@markstory)
  • Accessing TitleCase properties from entities now works as expected. (@dakota)
  • Cells in sub-namespaces now work as one would expect. (@markstory)
  • '' is now a valid value for time inputs. (@markstory)

New Features in 3.2.6

  • CakeORMMarshaller::one() now supports a forceNew option that can be used to create 'new' belongsToMany association records when the primary key is not defined. (@Tzaoh)
  • SecurityComponent now emits helpful error messages when secure field comparisons fail and an application is in debug mode. (@steinkel)
  • Validation::localizedTime() was added. (@ypnos-web)
  • Error logs contain request URL and referrer URLs. (@mirko-paglial)

As always, a huge thanks to all the community members that helped make this release happen by reporting issues and sending pull requests.

Continua a leggere